<?php header('P3P: CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"'); ?>
<?php

function authcode($string, $operation, $key = '342323467')
{
     
    $key = md5($key ? $key : '45645656645');
    $key_length = strlen($key);
     
    $string = $operation == 'DECODE' ? base64_decode($string) : substr(md5($string.$key), 0, 8).$string;
    $string_length = strlen($string);
     
    $rndkey = $box = array();
    $result = '';
     
    for($i = 0; $i <= 255; $i++) {
    $rndkey[$i] = ord($key[$i % $key_length]);
    $box[$i] = $i;
    }
     
    for($j = $i = 0; $i <256; $i++) {
    $j = ($j + $box[$i] + $rndkey[$i]) % 256;
    $tmp = $box[$i];
    $box[$i] = $box[$j];
    $box[$j] = $tmp;
    }
     
    for($a = $j = $i = 0; $i <$string_length; $i++) {
    $a = ($a + 1) % 256;
    $j = ($j + $box[$a]) % 256;
    $tmp = $box[$a];
    $box[$a] = $box[$j];
    $box[$j] = $tmp;
    $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
    }
     
    if($operation == 'DECODE') {
    if(substr($result, 0, 8) == substr(md5(substr($result, 8).$key), 0, 8)) {
    return substr($result, 8);
    } else {
    return '';
    }
    } else {
    return str_replace('=', '', base64_encode($result));
    }
 
}

require_once("myspace/myspace/MySpaceAPI.php");
require_once("myspace/Config.php"); 

if (isset($_GET['installState']) and !$_GET['installState']) { //user didn't install the app
    echo '<div style="width:100%; height:100%;padding:5px;padding-bottom:20px; text-align:center; border:#000099 solid 1px;background-color:#242526;">
        <h2 style="text-align:center;color:#ffffff">Please Add this App First!</h2>
        </div>';
       exit;
}


if ($_GET['opensocial_viewer_id']) { //for new iframe
    if (isset($_GET['opensocial_viewer_id']) and $_GET['opensocial_viewer_id'] <= 0) {
        echo '<div style="width:100%; height:100%;padding:5px;padding-bottom:20px; text-align:center; border:#000099 solid 1px;background-color:#242526;">Please Login to MySpace!
        
        </div>';
       exit;
   }
   

    $baseUrl = $config->base_url;
    $secret2 = ConfigMP::$APPLICATION_SECRET . '&';            /// put your app secret here
    $remote_signature = $_GET['oauth_signature'];
    unset($_GET['oauth_signature']);
    ksort($_GET);
    $params = urlencode(http_build_query($_GET, '', '&'));
    $params = str_replace('%2B', '%2520', $params);
    $base_string = 'GET&' . urlencode($baseUrl) . '&' . $params;
    $local_signature = base64_encode(hash_hmac("sha1", $base_string, $secret2, TRUE));
    
    if ($remote_signature == $local_signature) {
       $ownerId = $_GET['opensocial_viewer_id'];
    }
    else {
       echo "Please use your own USER ID!";
       exit;
    }
    
}

if (!empty($ownerId)) {
    $fbuid = $ownerId;
    $enc_text = authcode($ownerId,'ENCODE'); 
    $_SESSION['myspace_uid'] = $fbuid;
    setcookie("myspace_uid", $enc_text, time()-3600);
    setcookie("myspace_uid", $enc_text, 0, '/');
    $showinvite =  true;
} else {
    $fbuid = $_SESSION['myspace_uid'];
}

if (empty($fbuid)) {
    $fbuid = $_COOKIE['myspace_uid'];
    $fbuid = authcode($fbuid,'DECODE');
    echo $fbuid;
}

    
if (empty($fbuid)) {
        echo '<div style="width:100%; height:100%;padding:5px;padding-bottom:20px; text-align:center; border:#000099 solid 1px;background-color:#242526;">
        <h2 style="text-align:center;color:#ffffff">Please Login to MySpace!</h2>
        <h4 style="text-align:center;color:#ffffff">If you have already logged in, please <a href="#">click here</a></h4>
        </div>';
       exit;
}

$myspace = new MySpaceAPI(ConfigMP::$APPLICATION_KEY, ConfigMP::$APPLICATION_SECRET);
$uresult = $myspace->get_profile($fbuid);
$myspace->user = $uresult['userid'];
$myspace->usercity = $uresult['profile']['region'];
$myspace->username = $uresult['displayname'];
$myspace->userimage = $uresult['imageuri'];
if ($uresult['profile']['gender'] == 'Male') {
	$myspace->gender = 1;
} else if ($uresult['profile']['gender'] == 'Female') {
	$myspace->gender = 2;
} else {
	$myspace->gender = 0;
}
Registry::set('myspace', $myspace);
?> 

